com.pulumi.vault.saml.kotlin.AuthBackendArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-vault-kotlin Show documentation
Show all versions of pulumi-vault-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.vault.saml.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.vault.saml.AuthBackendArgs.builder
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* Manages a SAML Auth mount in a Vault server. See the [Vault
* documentation](https://www.vaultproject.io/docs/auth/saml/) for more
* information.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as vault from "@pulumi/vault";
* const test = new vault.saml.AuthBackend("test", {
* path: "saml",
* idpMetadataUrl: "https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata",
* entityId: "https://my.vault/v1/auth/saml",
* acsUrls: ["https://my.vault.primary/v1/auth/saml/callback"],
* defaultRole: "admin",
* });
* ```
* ```python
* import pulumi
* import pulumi_vault as vault
* test = vault.saml.AuthBackend("test",
* path="saml",
* idp_metadata_url="https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata",
* entity_id="https://my.vault/v1/auth/saml",
* acs_urls=["https://my.vault.primary/v1/auth/saml/callback"],
* default_role="admin")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Vault = Pulumi.Vault;
* return await Deployment.RunAsync(() =>
* {
* var test = new Vault.Saml.AuthBackend("test", new()
* {
* Path = "saml",
* IdpMetadataUrl = "https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata",
* EntityId = "https://my.vault/v1/auth/saml",
* AcsUrls = new[]
* {
* "https://my.vault.primary/v1/auth/saml/callback",
* },
* DefaultRole = "admin",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-vault/sdk/v6/go/vault/saml"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := saml.NewAuthBackend(ctx, "test", &saml.AuthBackendArgs{
* Path: pulumi.String("saml"),
* IdpMetadataUrl: pulumi.String("https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata"),
* EntityId: pulumi.String("https://my.vault/v1/auth/saml"),
* AcsUrls: pulumi.StringArray{
* pulumi.String("https://my.vault.primary/v1/auth/saml/callback"),
* },
* DefaultRole: pulumi.String("admin"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.vault.saml.AuthBackend;
* import com.pulumi.vault.saml.AuthBackendArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var test = new AuthBackend("test", AuthBackendArgs.builder()
* .path("saml")
* .idpMetadataUrl("https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata")
* .entityId("https://my.vault/v1/auth/saml")
* .acsUrls("https://my.vault.primary/v1/auth/saml/callback")
* .defaultRole("admin")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* test:
* type: vault:saml:AuthBackend
* properties:
* path: saml
* idpMetadataUrl: https://company.okta.com/app/abc123eb9xnIfzlaf697/sso/saml/metadata
* entityId: https://my.vault/v1/auth/saml
* acsUrls:
* - https://my.vault.primary/v1/auth/saml/callback
* defaultRole: admin
* ```
*
* ## Import
* SAML authentication mounts can be imported using the `path`, e.g.
* ```sh
* $ pulumi import vault:saml/authBackend:AuthBackend example saml
* ```
* @property acsUrls The well-formatted URLs of your Assertion Consumer Service (ACS)
* that should receive a response from the identity provider.
* @property defaultRole The role to use if no role is provided during login.
* @property disableRemount If set to `true`, opts out of mount migration on path updates.
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
* @property entityId The entity ID of the SAML authentication service provider.
* @property idpCert The PEM encoded certificate of the identity provider. Mutually exclusive
* with `idp_metadata_url`.
* @property idpEntityId The entity ID of the identity provider. Mutually exclusive with
* `idp_metadata_url`.
* @property idpMetadataUrl The metadata URL of the identity provider.
* @property idpSsoUrl The SSO URL of the identity provider. Mutually exclusive with
* `idp_metadata_url`.
* @property namespace The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
* @property path Path where the auth backend will be mounted. Defaults to `auth/saml`
* if not specified.
* @property verboseLogging If set to `true`, logs additional, potentially sensitive
* information during the SAML exchange according to the current logging level. Not
* recommended for production.
*/
public data class AuthBackendArgs(
public val acsUrls: Output>? = null,
public val defaultRole: Output? = null,
public val disableRemount: Output? = null,
public val entityId: Output? = null,
public val idpCert: Output? = null,
public val idpEntityId: Output? = null,
public val idpMetadataUrl: Output? = null,
public val idpSsoUrl: Output? = null,
public val namespace: Output? = null,
public val path: Output? = null,
public val verboseLogging: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.vault.saml.AuthBackendArgs =
com.pulumi.vault.saml.AuthBackendArgs.builder()
.acsUrls(acsUrls?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.defaultRole(defaultRole?.applyValue({ args0 -> args0 }))
.disableRemount(disableRemount?.applyValue({ args0 -> args0 }))
.entityId(entityId?.applyValue({ args0 -> args0 }))
.idpCert(idpCert?.applyValue({ args0 -> args0 }))
.idpEntityId(idpEntityId?.applyValue({ args0 -> args0 }))
.idpMetadataUrl(idpMetadataUrl?.applyValue({ args0 -> args0 }))
.idpSsoUrl(idpSsoUrl?.applyValue({ args0 -> args0 }))
.namespace(namespace?.applyValue({ args0 -> args0 }))
.path(path?.applyValue({ args0 -> args0 }))
.verboseLogging(verboseLogging?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [AuthBackendArgs].
*/
@PulumiTagMarker
public class AuthBackendArgsBuilder internal constructor() {
private var acsUrls: Output>? = null
private var defaultRole: Output? = null
private var disableRemount: Output? = null
private var entityId: Output? = null
private var idpCert: Output? = null
private var idpEntityId: Output? = null
private var idpMetadataUrl: Output? = null
private var idpSsoUrl: Output? = null
private var namespace: Output? = null
private var path: Output? = null
private var verboseLogging: Output? = null
/**
* @param value The well-formatted URLs of your Assertion Consumer Service (ACS)
* that should receive a response from the identity provider.
*/
@JvmName("fvkdknjsnjrvpcbf")
public suspend fun acsUrls(`value`: Output>) {
this.acsUrls = value
}
@JvmName("dlcxdpuxbmuxjkju")
public suspend fun acsUrls(vararg values: Output) {
this.acsUrls = Output.all(values.asList())
}
/**
* @param values The well-formatted URLs of your Assertion Consumer Service (ACS)
* that should receive a response from the identity provider.
*/
@JvmName("lbkdusinufojlwly")
public suspend fun acsUrls(values: List>) {
this.acsUrls = Output.all(values)
}
/**
* @param value The role to use if no role is provided during login.
*/
@JvmName("oseifsnjqmylpalr")
public suspend fun defaultRole(`value`: Output) {
this.defaultRole = value
}
/**
* @param value If set to `true`, opts out of mount migration on path updates.
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
*/
@JvmName("hpoflbmspcqoronr")
public suspend fun disableRemount(`value`: Output) {
this.disableRemount = value
}
/**
* @param value The entity ID of the SAML authentication service provider.
*/
@JvmName("gyxccnnpmksgcmwf")
public suspend fun entityId(`value`: Output) {
this.entityId = value
}
/**
* @param value The PEM encoded certificate of the identity provider. Mutually exclusive
* with `idp_metadata_url`.
*/
@JvmName("abhfefqsvkmpjtnc")
public suspend fun idpCert(`value`: Output) {
this.idpCert = value
}
/**
* @param value The entity ID of the identity provider. Mutually exclusive with
* `idp_metadata_url`.
*/
@JvmName("shxngkmxrrnsyavq")
public suspend fun idpEntityId(`value`: Output) {
this.idpEntityId = value
}
/**
* @param value The metadata URL of the identity provider.
*/
@JvmName("wcgrelrxeryysfwv")
public suspend fun idpMetadataUrl(`value`: Output) {
this.idpMetadataUrl = value
}
/**
* @param value The SSO URL of the identity provider. Mutually exclusive with
* `idp_metadata_url`.
*/
@JvmName("nykislqdvcqfyeqo")
public suspend fun idpSsoUrl(`value`: Output) {
this.idpSsoUrl = value
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("ooomxwvhbpujdjeu")
public suspend fun namespace(`value`: Output) {
this.namespace = value
}
/**
* @param value Path where the auth backend will be mounted. Defaults to `auth/saml`
* if not specified.
*/
@JvmName("rxnncbgwboipwdpp")
public suspend fun path(`value`: Output) {
this.path = value
}
/**
* @param value If set to `true`, logs additional, potentially sensitive
* information during the SAML exchange according to the current logging level. Not
* recommended for production.
*/
@JvmName("lsmpafendvtqpoat")
public suspend fun verboseLogging(`value`: Output) {
this.verboseLogging = value
}
/**
* @param value The well-formatted URLs of your Assertion Consumer Service (ACS)
* that should receive a response from the identity provider.
*/
@JvmName("aqaenrskoqgjrsqf")
public suspend fun acsUrls(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.acsUrls = mapped
}
/**
* @param values The well-formatted URLs of your Assertion Consumer Service (ACS)
* that should receive a response from the identity provider.
*/
@JvmName("mcprqexieohsibbg")
public suspend fun acsUrls(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.acsUrls = mapped
}
/**
* @param value The role to use if no role is provided during login.
*/
@JvmName("hpcfvolxfssxjjbq")
public suspend fun defaultRole(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.defaultRole = mapped
}
/**
* @param value If set to `true`, opts out of mount migration on path updates.
* See here for more info on [Mount Migration](https://www.vaultproject.io/docs/concepts/mount-migration)
*/
@JvmName("jibvdbaneyiiafmi")
public suspend fun disableRemount(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.disableRemount = mapped
}
/**
* @param value The entity ID of the SAML authentication service provider.
*/
@JvmName("cavynrkchxjqwbuo")
public suspend fun entityId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.entityId = mapped
}
/**
* @param value The PEM encoded certificate of the identity provider. Mutually exclusive
* with `idp_metadata_url`.
*/
@JvmName("hyxibwarfnkfvvpt")
public suspend fun idpCert(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.idpCert = mapped
}
/**
* @param value The entity ID of the identity provider. Mutually exclusive with
* `idp_metadata_url`.
*/
@JvmName("enwbmhlfqvrhfprm")
public suspend fun idpEntityId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.idpEntityId = mapped
}
/**
* @param value The metadata URL of the identity provider.
*/
@JvmName("cavohgtbfhecnkgw")
public suspend fun idpMetadataUrl(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.idpMetadataUrl = mapped
}
/**
* @param value The SSO URL of the identity provider. Mutually exclusive with
* `idp_metadata_url`.
*/
@JvmName("dgavmvmsjrhmrccg")
public suspend fun idpSsoUrl(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.idpSsoUrl = mapped
}
/**
* @param value The namespace to provision the resource in.
* The value should not contain leading or trailing forward slashes.
* The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
* *Available only for Vault Enterprise*.
*/
@JvmName("dujfcofmegoiesmk")
public suspend fun namespace(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.namespace = mapped
}
/**
* @param value Path where the auth backend will be mounted. Defaults to `auth/saml`
* if not specified.
*/
@JvmName("ngdbjjkrdvdxojem")
public suspend fun path(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.path = mapped
}
/**
* @param value If set to `true`, logs additional, potentially sensitive
* information during the SAML exchange according to the current logging level. Not
* recommended for production.
*/
@JvmName("pigavmaxcixjqcys")
public suspend fun verboseLogging(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.verboseLogging = mapped
}
internal fun build(): AuthBackendArgs = AuthBackendArgs(
acsUrls = acsUrls,
defaultRole = defaultRole,
disableRemount = disableRemount,
entityId = entityId,
idpCert = idpCert,
idpEntityId = idpEntityId,
idpMetadataUrl = idpMetadataUrl,
idpSsoUrl = idpSsoUrl,
namespace = namespace,
path = path,
verboseLogging = verboseLogging,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy